The most compelling reason aside form being more maintainable, is that drupal forms api implements cross-site scripting vulnerability protections that may not have been taken care of in the original code.
Dave
________________________________
From: support-bounces@drupal.org [mailto:support-bounces@drupal.org] On Behalf Of Shai Gluskin Sent: Tuesday, February 03, 2009 11:45 AM To: support@drupal.org Subject: [support] HTML forms not Drupal's Forms API -- Badness ExplanationNeeded
Gang,
I've red-flagged for a potential client (abandoned by former Drupal developer) an event registration page on their site that uses an html form to deliver some variables to a Paypal page. Looks like the code came from a Paypal help page.
I'm proposing using a combination of the signup and signup_pay modules to handle this functionality. I'd like to give the client a little more detail on why it is bad to use regular html forms in addition to "It's more stable," or "it's the Drupal way." On the "It's more stable" argument, I need some more detail on why and what are some bad things that can.
Any help would be most appreciated.
Thanks,
Shai